Resources

The Internet Health Report helps network operators to monitor network conditions. Data is collected with RIPE Atlas and BGPstream.

ANY.RUN is an online malicious content analysis service created for dynamic as well as static research of multiple types of cyber threats.

URLhaus is a project from abuse.ch with the goal of sharing malicious URLs that are being used for malware distribution.

We scan the internet and acquire data that can be transformed into threat intelligence feeds or security reports. 

urlscan.io is a URL and website scanner for potentially malicious websites

Intezer’s Genetic Malware Analysis technology enables security teams to automate memory and file analysis

VirusBay is a web-based, collaboration platform that connects security operations center (SOC) professionals with relevant malware researchers.

CVEdetails.com is a free CVE security vulnerability database/information source.

Analyze suspicious files and URLs to detect types of malware, automatically share them with the security community

The Exploit Database - Exploits, Remote Exploits, Local Exploits, Web Apps, and more.

The Netlab OpenData project provides multiple data feeds, including DGA, EK, MalCon, Mirai C2, Hajime-Scanner and DRDoS Reflector.

NetworkScan Mon system captures more than 10k scanner IPs every day and has a neat way to research on scan activities.

Honeypot statistics, data and others stuff about malware and network security.

NJCCIC is the State's one-stop shop for cybersecurity information sharing, threat analysis, and incident reporting.

IP Address API and Data Solutions - geolocation, company, carrier info, type and more

Internet Outage Detection Analysis. A CAIDA project to develop an operational prototype system that monitors the Internet.

Internet Outage Detection Analysis. A CAIDA project to develop an operational prototype system that monitors the Internet.

DDoSMon is a global DDoS attack monitoring system that sees on average more than 30k unique DDos attacks every single day.

Data collected via honeypots checking for distinct network traffic generated by Mirai-like botnets. Updated hourly with new source IP addresses detected.